BlackTech, a Chinese advanced persistent threat group, is deploying a sophisticated new shellcode called "BendyBear" as part of its latest espionage campaign, security firm Palo Alto Networks reports.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
Good news in the fight to prevent COVID-19 infections: Researchers report that a digital contact-tracing app rolled out in England and Wales that's designed to keep users' data private and secure is helping to blunt the spread of the pandemic. They urge continuing global uptake of such apps.
A hacker breached a Florida city's water treatment network, increasing the amount of lye that would be added to the water to a dangerous level. Officials say they caught the change immediately and reversed it. Reuters reports that the system was accessed via the city's TeamViewer remote access software.
Three CISOs offer real-world insights on addressing the challenges involved in implementing a "zero trust" framework to enhance security in an era when so many remote employees are accessing applications and data in the cloud as well as within internal networks.
Hackers used a fake Forcepoint extension, leveraging the Google Chrome Sync feature, to exfiltrate data and send commands to infected browsers, according to a report by a Croation security researcher writing for the SANS Institute.
What action can companies take to help prevent occupational fraud by insiders? Ganeshwaran Thuraisingham of the Association of Certified Fraud Examiners shares some important steps taken by the association in the APAC region to build awareness of emerging fraud trends and how to mitigate risks.
In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.
Get answers to all your questions about how to seize cloud opportunities and realize your business’ potential—while also protecting all your data beyond what’s possible on-premises—in this wide-ranging conversation among experts and thought leaders from Microsoft and Barracuda. And a sneak peek of the Cloud to...
Researchers at Kaspersky are warning that fraudsters are targeting Discord users with a scam centered on a fake cryptocurrency exchange and using the lure of free bitcoin or ethereum cryptocurrency to steal money and personal data.
Researchers with NetScout are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify DDoS attacks. The FBI has also warned about increases in DDoS attacks that use these types of amplification techniques.
Microsoft's security team says the company's Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack. And SolarWinds' CEO says that no Office 365 vulnerability has been identified that would have opened the door to the attack.
Researchers at the security firm Netlab have identified a previously undocumented botnet dubbed "Matryosh" that is targeting vulnerable Android devices to help build its network so it can conduct distributed denial-of-service attacks.
The Fonix ransomware gang has closed down its operations and has released a decryptor key, according to Malwarebytes and Kaspersky. But security researchers warn the gang, like others, might re-emerge with new tactics.
Darknet markets just had their best year ever, led by Hydra, which accounted for 75% of the $1.7 billion in 2020 revenue such markets generated, Chainalysis reports. One key to Hydra's success is the Russian-language marketplace's constant innovation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.